The pfSense Store

Author Topic: Some clients getting IP from strange source..  (Read 2358 times)

0 Members and 1 Guest are viewing this topic.

Offline luke240778

  • Sr. Member
  • ****
  • Posts: 482
    • View Profile
    • Muti Wifi
Re: Some clients getting IP from strange source..
« Reply #15 on: April 30, 2012, 06:45:45 pm »
Back on topic  ;D

I'm not 100% sure, but with a firewall rule like this in your Rockets (i'm using airOS 5.3.5.), you should be able to block Rogue DHCP servers.

Please try first in Lab ;)

Edit: here you can read about UBNT & Rogue DHCP servers http://forum.ubnt.com/showthread.php?t=25073

Thanks ptt.. i'll give that a shot.. what exactly does that do?  Also, seeing that you brought up that ubnt thread.. do you have any idea how to continue with DHCP server on pfSense but using the RB750 as NAS and Hostpot with clients getting DHCP from pfsense still, but authenticating to my RADIUS server via the hotspot page on the RB?  I can't get that DHCP relay working..  I have it setup so far as:

Port 1 - Getting DHCP from pfsense
Port 2 - Setup DHCP relay but when i try and connect, it doesnt assign an IP to me.
Port 3 t0 5 have not setup as yet, was just going to test with port 2 so far, then do the rest the same.

Offline ptt

  • Hero Member
  • *****
  • Posts: 1123
    • View Profile
Re: Some clients getting IP from strange source..
« Reply #16 on: April 30, 2012, 06:57:10 pm »
Quote
i'll give that a shot.. what exactly does that do?

"If" i'm not wrong (i'm not a networking expert)

DHCP server "BOOTPS" have as src port 67, then if you block ANY (0.0.0.0/0) traffic coming from your Clients to the WLAN interface of your AP,  from port 67, then you are Blocking ANY external DHCP server.

About MikroTik, i can't help you. We are only using it as "Access Concentrator" (fancy name for a PPPoE server) and giving our customers "Static IPs", so i have no experience with MT and DHCP server / DHCP Relay  :-[

Also we are planning to take out the MikroTik PPPoE Server from our network (due the fact that Ubiquiti cant do QoS on encrypted traffic) and use Static IPs on the CPEs (in Router mode), and connect our APs (in Bridge mode) directly to the  pfSense server.
« Last Edit: April 30, 2012, 07:04:15 pm by ptt »